Gervase Markham

Main menu

Post navigation

Watching Restricted AirMo Videos

Normally, the awesome air.mozilla.org uses WebM for archived video. (Yay!) However, on a couple of occasions recently I’ve wanted to watch a video from Air Mozilla offline (on a plane or train). But videos which are non-public (e.g. MoCo-only or Mozillians-only) are not served as WebM, but as something else in a Flash container. Which means no “Save Video As…” menu item, and no offline viewing.

This also means that you can’t watch them at all (even online) on platforms which don’t support Flash. When I’m properly logged in to AirMo on my Android phone using Firefox Aurora with plugins disabled, vid.ly gives a (misleading) “you do not have permission to watch this video” error.

I emailed Richard Milewski about this, and he said that this was due to a “time-limited token checking protocol” which AirMo and vid.ly use together to prevent people accidentally sharing working links to restricted videos. I can see the sense in that, but I’m not sure how that feature itself requires the use of Flash. You could have such a protocol, and still serve WebM content. I can see how Flash makes it harder to download the video, although it makes it by no means impossible, particularly for a community of browser and network hackers! If someone is determined to share this content against our wishes, they’ll probably find a way, Flash or no Flash.

By setting things up this way, it seems to me that what we are effectively saying by our actions is that “if you want to have restricted access videos, web standards won’t cut it. Flash is the only way to go.” I hope that’s not true. Our use case is one which the web platform should support.

Due to a large amount of hard work, AirMo is unrecognisable from two years ago, and it’s an awesome community resource. And I know the AirMo team has been working to use web standards in more of its operations. Should removing the Flash requirement from all archived videos be added to that list?

All live content is on EdgeCast, and all archived content comes from vid.ly. Edgecast is flash at the moment, though they very recently got the ability to support token authentication for H.264 over HLS. (Still not WebM, though.) We haven’t had the resources to implement HLS (which would be a win for iOS and Android), and that picture is getting worse, not better.

I’m puzzled that doing token auth causes vid.ly to abandon all the magic capability and device detection they do and simply serve Flash. I’ll poke around and see what I can learn.